Comments on: Keeping your email secure http://it.gen.nz/2008/07/24/keeping-your-email-secure/ Writings on technology and society from Wellington, New Zealand Wed, 08 Feb 2012 04:57:44 +0000 http://wordpress.org/?v=2.9.2 hourly 1 By: colin http://it.gen.nz/2008/07/24/keeping-your-email-secure/comment-page-1/#comment-706 colin Tue, 29 Jul 2008 19:25:43 +0000 http://it.gen.nz/?p=130#comment-706 Decent crypto can indeed protect email contents from most eavesdroppers - but it's generally hard to use (compared to email without crypto) and doesn't play well with corporate email systems. Yes, you can provide smart cards with keys on to users but most people won't use them. Crypto right to the desktop is hard to use. The public service has been running a crypto layer on everyday email for years. It's completely transparent to the end users. It works through the various departments' mail servers recognising each other and encrypting all traffic between them automatically. Crypto is only applied during the transit across the Internet; not down to the desktop. Users are barely aware of the system. This works well - but it wouldn't have solved the National Party's problem - even if they used this system - unless their emails were leaked as a result of eavesdropping while they were being transmitted across the open Internet. In the National Party case the journalist concerned has said several times that he was given the emails by someone with a right to have them. Crypto won't fix that. Decent crypto can indeed protect email contents from most eavesdroppers – but it’s generally hard to use (compared to email without crypto) and doesn’t play well with corporate email systems. Yes, you can provide smart cards with keys on to users but most people won’t use them. Crypto right to the desktop is hard to use.

The public service has been running a crypto layer on everyday email for years. It’s completely transparent to the end users. It works through the various departments’ mail servers recognising each other and encrypting all traffic between them automatically. Crypto is only applied during the transit across the Internet; not down to the desktop. Users are barely aware of the system. This works well – but it wouldn’t have solved the National Party’s problem – even if they used this system – unless their emails were leaked as a result of eavesdropping while they were being transmitted across the open Internet.

In the National Party case the journalist concerned has said several times that he was given the emails by someone with a right to have them. Crypto won’t fix that.

]]> By: Tim McKenzie http://it.gen.nz/2008/07/24/keeping-your-email-secure/comment-page-1/#comment-704 Tim McKenzie Mon, 28 Jul 2008 04:34:24 +0000 http://it.gen.nz/?p=130#comment-704 "Nothing in email can be truly secure because its sent as plaintext across the Net". What about public key cryptography? I would suggest that the National Party (and any other parties that are worried) should look at using that. “Nothing in email can be truly secure because its sent as plaintext across the Net”.
What about public key cryptography? I would suggest that the National Party (and any other parties that are worried) should look at using that.

]]> By: colin http://it.gen.nz/2008/07/24/keeping-your-email-secure/comment-page-1/#comment-700 colin Thu, 24 Jul 2008 00:53:38 +0000 http://it.gen.nz/?p=130#comment-700 Peter You are right, I should have mentioned Pegasus even though client software wasn't my point today. David Harris - if you're reading this, sorry. Colin. Peter

You are right, I should have mentioned Pegasus even though client software wasn’t my point today. David Harris – if you’re reading this, sorry. Colin.

]]> By: Peter Lynch http://it.gen.nz/2008/07/24/keeping-your-email-secure/comment-page-1/#comment-699 Peter Lynch Thu, 24 Jul 2008 00:37:38 +0000 http://it.gen.nz/?p=130#comment-699 Shame on you, Colin, for not mentioning Pegasus Mail, made right here in New Zealand. p.s. the links to Google and Fastmail are not working. Shame on you, Colin, for not mentioning Pegasus Mail, made right here in New Zealand.

p.s. the links to Google and Fastmail are not working.

]]>